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1. INTRODUCTION 

Digital communication system is the backbone of technological data exchange protocols throughout 
the world. With the emergence of the Internet, the need of secured and trusted delivery of message evolves at 
greater dimensions. Cryptography [1-3] is one of the intermediate solution approaches for such abstract level 
of message communication. There are so many malware attackers present in the network, whose main task is 
to sniff the confidential data during communications. Once they succeed, they do synchronize with the 
recipients for rest of the session. Attackers willingly do distort or damage the messages which were supposed 
to be procured in between the two parties only. Validation of the regenerated message by the receiver is an 
essential feature in any format of digital communications. The proposed technique addresses the said area of 
concern through hiding the delegation of privilege to a recipient from the intruders. The organization of this 
paper is as: Section 1.1 deals with the brief literature survey, Section 1.2 contains the problem domain, 
Section 1.3 reveals the proposed solution in short, Section 2 and Section 3 illustrate the proposed technique 
and its brief explanation respectively. Results are discussed in the Section 4 and Section 5 has the conclusion. 


1.1. Literature survey 
A pattern of value is a key which is used for encryption by the sender and it is used for decryption 
by the receiver in case of symmetric key cryptography. The exchange of that particular key is the basic 
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criteria in cryptography. The most challenging fact is that an intruder silently intercepting all the cipher text 
in the network to decode the message. The key exchange problem [4] was coined by two scientists Whitfield 
Diffie and Martin Hellman in 1976. They have proposed a system to exchange a key from X to Yeven if I 
observs the entire communication, where X, Y, and I represents sender, receiver, and intruder on the global 
view. Another technique to transmit a message with more security is secret sharing of data [5]. A 
transmittable data would be splitted into multiple fragments with the criteria that threshold fragments can 
only reassemble the entire data. Blakey’s Secret Sharing Scheme [6] has applied geometry to solve secret 
sharing of data. The secret data is a point value in a k- dimensional space and corresponding n shares are 
treated as the point of intersection on an affine hyper plane. The solution set y = (1, ¥2,.--,¥%) and 
the equation pyy? + p,y? +--+ p,y* = b forms an affine hyper plane. The point of intersection can be 
found by determing the intersection on the hyper planes. 


1.2. Problem domain 

Leakage of the information without the consent of the admimistrator is possible in existing system 
of secret sharing. Controlling the personal information and not to accessible to the external hands on 
the network is a big challenge. Thus, in a group sharing of partial shares, some malpractioners may do misuse 
the sender’s confidential data in wrong direction. 


1.3. Proposed solution 

If a grant of privilege is issued to a delegated sender/recipient, then it may be assured that without 
the involvement of that recipient, the original message cannot be regenerated. Authentication at 
the recipient’s terminal is badly needed due to the fact that messages can be duplicated, manipulated, 
damaged, reverted, etc by the intruders. To make the communication system more reliable [7-8], this 
proposed technique provides a better optimal answer. 


2. PROPOSED TECHNIQUE 

The key idea is to include the privileged share at the recipient’s end. Thus, to create one additional 
protection level, so that without the privileged share the original message cannot be regenerated. 
The foremost task is to accumulate the privileged share and other partial shares which constitute the threshold 
value. It is followed by the filtering of specified fields help to achieve the proposed technique. The specified 
fields are extracted accordingly followed by the authenticity verification. In case of genuine authentication, 
further deciphering of the shares is being carried out. 


Proposed Algorithm: Privilege Based Authentication 
Requirement (s): Sender’s ID No. (PID), Master Key of Sender(Mk), Source File (S1.PDF ) 
Input(s):n,k : number of recipients & threshold number respectively 
Output (s): Regenerated authenticated message 
{/* Merge of Privilege Share with threshold */} 
Threshold_MSG [| <— Call Merge_Shares ((k — 1) number of shares | ], Privileged_Share | |) 
{/* Validation of Shares */} 
Field[0...3] <— Call ExtractionFields (Threshold_MSG) 
{/* Authentication Verification */} 
TEMP < Call Authentication (Field[2], Field[3]) 
If (TEMP) Then 
Success 
Else 
Report Failure in data transmission 
End if 


2.1. Proposed merging of digital secret shares 

The proposed technique deals with that the threshold number of shares are minimum needed to be 
combined together to regenerate the original share. The novelty of our proposed technique is that a grant of 
privilege has to be assigned to a pre-defined recipient. This recipient is delegated as privileged recipient. 
Unless and until the share of the privileged recipient is merged into the threshold shares, the original data can 
not be revealed. Bitwise ORing operations were carried on those threshold digital shares. 


IJ-AI Vol. 8, No. 2, June 2019: 175-180 


IJ-AI ISSN: 2252-8938 0 177 


Proposed Algorithm: Merge_Shares 
Requirement(s): (k — 1)Threshold Shares, TSH[1],.... TSH[k — 1], (1) Privileged_Share, PSH{ | 
Input(s):n: Number of Recipients, k: Threshold Value 
Output(s): Merged Matrix[k]| |: Merged matrix obtained from threshold 
{/* Operations on threshold digital shares */ } 
MAT1[ ] < Call Merge (TSH[1],TSH[2], ... ,TSH[k —2]) 
{ /* Merging of Privileged Share */ } 
MAT1[ ] < Call Merge ( MAT1,PSH[]) 


The Merge ( ) function called as above is a dynamic function which can receive multiple parameters 
as shares. Since the partial received shares are of same length. The principal work done by this is to 
determine the resultant of bitwise OR operations carried out between the multiple digital shares. 


2.2. Proposed extraction of fields 

The orientation of the bits while transferring the secret message as follows according to our 
proposed technique. The first attribute is header of four bits length, out of which two denotes the size of 
the encrypted file and remaining two denotes the length of the digest. The second attribute denotes the entire 
encrypted message. The third attribute denotes the contents of the message digest. And the last attribute 
denotes the encrypted key of the sender’s master key. 


Proposed Algorithm: Authentication of Fields 
Requirement(s): Master key of sender, Header structure, Matrix of privileged shares. 
Input(s): MST_KEY, Header, MAT1 
Output (s): Required fields 
{ /* Extraction of Fields */ } 

Size = Call ValueAt( Header ,1,2 ) 

DigestSize = Call ValueAt( Header ,3,4 ) 

EK = Call RSA ( MST_KEY ) 

EncSize = Call SizeOf (Ek) 

EF < Call SubString( MAT1,5, Size) 

DK < Call SubString( MAT1, EF + 5,DigestSize) 
PAD < Call SubString (MAT1,4+ EF + DK + 1,EncSize ) 


2.3. Proposed authentication verification 

Proposed algorithm authenticates the threshold number of shares received and processed henceforth. 
The fourth field of the accumulated share would be extracted at the recipient’s end, which in turn would be 
fed into the MD5 algorithm to generate the hash code of 128 bits. A bitwise XOR operation would be done 
between the generated hash code and received hash code through secured channel. The sensitivity parameter 
is that if any conflict observed even in a single bit determines the bit distortion/damage while message 
communication, and decides the invalid merging of shares. So the sensitivity test is on the entire sequence of 
bits. Following algorithm determines the authenticity based on checking. 


Proposed Algorithm: Authentication Verification 
Requirement(s): Temp [128]: Integer Array 
Input(s): Pad field (summation of thsersold shares) (Pap), digest key (Dx) 
Output(s): verified or not (yes or not) 

{ /* Retrieval of Message Digest */ } 

DK’ < Call MD5 (PAD ) 
fori= 0to127do 
Temp [i] — (DK[i 2 DK’[i]) // Equality Checking done here 
end for 
Set flag =0 
fori= 0to127do 
if (Temp|i] ! = 0) then 
flag =1 
break 
end if 
end for 
if (flag ) then 
Verification Failed 
else 
Verification Success 
end if 
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3. ILLUSTRATION OF PROPOSED TECHNIQUE 

To illustrate the proposed technique in brief, {n, k} can be assumed as {5, 3} where n and k denotes 
the number of recipients and threshold respectively. Let 8A24C34AG7SK25 be the master key (MK) of the 
sender and a message saved as p1.pdf is to be shared using this proposed technique. The sender’s public key 
pair may be (137,83) which are prime numbers. The public key pair of the following desired recipients 
show in Table 1. 


Table 1. Public key pairs of recipients 
SLNo. Recipient ID | Known Key Pair 


1 R#1 public (97, 73) 
2 R#2 public (197, 41) 
3 R#3 public (103, 173) 
4 R#4 public (173, 41) 
2) R#5 public (97, 23) 


The corresponding master key (Mx) of the sender has been fed into RSA algorithm to obtain the 
encrypted key (Ex) de94f8 | bfe83f7eed728. Similarly, the source file (p1.pdf) has also been encrypted using 
RSA algorithm to generate the following hexadecimal string 260d8f2f ...e7. Now using a hash algorithm, 
the digest of the encrypted key is c7c52f2bbab358795947dfbd27e5d63b. Shown in Figure 1 structure 
has been proposed. 


Header Encrypted data Digest key (Dx) Paddin, 
MSG: 0A14 —_260d8f2f...e7 — c7c52£2bbab358795947 —_ dfbd27e5d63bde94f8 1 bfe83f7eed728 


Figure 1. Proposed structure under authentication 


Following are the n (=5) number of shares which are produced from MSG using mask generation 
algorithm.as for example, here we use a mask matrix[9] of order 5x10 and using this mask matrix we 
generate 5 shares. Three previlaged shares can generate plain text out of five shares. 


1st share: 0A00060d0f2f0707050f2b0a03080959070f0d07e5060b 0e04f80b0e0307ee0708 
2nd share: 0A202600000fe7c7c0000bbab350000947dfb00005d63b d000081bfe80000ed72 
3rd share: 0A20200d8f0fe0c0052f0bb0b008790940d00d2705d0300e94f81bf003f70ed020 
4th share: 0000000d800f e0c0052f0bb0b008790940d00d2705d030 de90f00b0083 f0e00700 
5th share: 002026008f20e0c7c02f20b0b350795040dfb027e0d03b d094f010fe80f7e0d028 


Next the above shares are encrypted by the corresponding individual public key of the recipient and 
send them. Now each recipient decrypts the message using their private keys. Now the message can get back 
from ORing any three decrypted shares including the privileged share. Thus two bytes header field is 
separated to recognize the size of encrypted data and padding (encrypted key). Now the padding string is fed 
into the RSA algorithm to generate master key and using the same hash algorithm to generate an output, 
which is being checked with digest key (Dx).On successful checking, the original secret data can be 
reconstructed by decrypting the encrypted data using sender’s public key, else, on hit and trial method 
the said procedure is repeatedly done over another k number of shares. 


4. RESULTS SECTION 

Shown in the Table 2 floating point frequency represents the number of repeated characters in a 
block of text. If the repeated characters are much more in a text then intruders can predict the plain text. 
Floating frequency analysis and entropy value analysis show that comparison to existing protocol for 
encryption and secret sharing are at par for the proposed model. Floating point frequency represents the 
number of repeated characters in a block. Our technique provides extra authentication of messages by using 
MD5 algorithm, in both receiver and sender sides.If we compare the entropy values between the cipher text 
by RSA with the cipher text by our proposed scheme the in all share our technique provides good result. 
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Table 2. Floating point frequency of proposed technique compared to standard technique 
Share Plain Text Cipher Text by RSA Cipher Text by Proposed 
No. Algorithm 
Share 1 a eee ; = — pes Tasty eee of ROTTIN — ; — 


Share 2 eo rare a = a anonn 4 He — a 


Share 3 = — = a = — - 7 ee 


he ss OTE 


ShareS = Se 7 oT 


4.1. Analysis based on entropy value 

Entropy is the measure of unpredictability of information in cipher text. Entropic security in 
encryption means it is very hard to predict the nominal information about plain text. Show in Table 3 the 
entropy value of our technique and this value is better than existing technique. So the table and Figure 2 
graph indicates that the technique is robust than any existing technique. If one looks at the shares in the above 
example it is cleared that the shares are all different from the actual key and there is no one to one relation 
between the shares and the actual key. Here longer key length denotes better security.The key is first 
encrypted by the sender’s private key and finally opened by sender’s public key, which confirms both 
authenticity and non-repudiation.The shares are encrypted by individual receiver’s public key before 
transmission and opened by individual receiver’s private key at the receiving end, which ensures 
confidentiality. Each share contains the share of the signature along with the share of the key. After 
reconstruction, the signature is compared with the digest of the key thus generated to ensure integrity.It can 
also be noticed that the n shares are generated only by ANDing n different masks with 
the secret message (how) and reconstructed simply by ORing the predefined minimal k number of shares 
where n and k can be anything k <n and m2. 


o 


Table 3. Entropy value of our proposed technique 
@ Plain Text 


and standard technique 6 +» : 
: Cipher text Cipher text by 
soutien hart by RSA proposed technique Cipher Text by 
Share 1 6.29 2.34 5.42 4 J — : RSA 
Share 2 6.27 3.28 5.42 
0 + T T T T @ Cipher Text by 


4 
2 

Share 3 6.3 3.59 5.49 e cuca 

Share 4 6.29 3.67 5.39 Share share 2 share 3 share4share5 ere posed 

Share 5 6.29 3.5 5.57 technique 


Figure 2. Graph for entropy value 


5. CONCLUSION 

Message regenation without the consent of the admimistrator can not be done in the proposed 
methodology. Now the sender can transmit data without being accessible to the unauthorized nodes by 
keeping his/her privilege. Thus, in a group sharing of partial shares, it provides more reliability in terms of 
encryption alanysis. This proposed technique provides a better optimal answer and is best suited for any 
financial transaction because of its two layer security and authentication under priviged scheme. 
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